import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class CustomerDao {
 private Connection conn = null; // 连接对象的变量
 private PreparedStatement pstm = null; // 预处理对象
 private ResultSet rs = null;// 结果集合
 
 public Customer login(String stName, String
password) throws Exception {
 Customer customer = null;
 // 执⾏的SQL语句 注意 英⽂输⼊法的 ? ，?作为参数的占位符使⽤
 String sql = "SELECT id, stName, password1 FROM javaljcs WHERE stName=? AND password1=?";
 // 1. 获取连接对象
 conn = JDBCUtil.getConnection(); 
 // 2. 通过连接对象 创建 PreparedStatement对象 对SQL 语句进⾏ 预编译
 pstm = conn.prepareStatement(sql);
 // 使⽤PreparedStatement 根据 ? 的位置设置参数
 pstm.setString(1, stName); // 参数是String 类型，所以使⽤ setString
 pstm.setString(2, password);
 // 3. 执⾏SQL语句 executeQuery() 返回值为 ResultSet
 rs = pstm.executeQuery();
 // 4. 遍历结果集
 if(rs.next()) {
 // 将查询出的这⼀⾏记录中每个字段都封装到实体属性上
 customer = new Customer();
 // rs.getInt("id");
 customer.setId(rs.getInt("id"));
 
customer.setcustomerName(rs.getString("stName"));
 customer.setPassword1(rs.getString("password1"));
 }

 // 5. 释放资源
 JDBCUtil.close(rs, pstm, conn);
 return customer;
 }
 
 public static void main(String[] args) throws Exception
{
 CustomerDao dao = new CustomerDao();
 Customer customer = dao.login("001", "12345");
 System.out.println(customer);
}
}